Section 16.2 The Ship Security Plan (SSP) and its Implementation
The cornerstone of a ship’s defense against security threats, as mandated by the International Ship and Port Facility Security (ISPS) Code, is the Ship Security Plan (SSP). This comprehensive, vessel-specific document details the procedures, measures, and equipment to be employed to protect the ship, its crew, and its cargo from acts that threaten maritime security. The SSP is not merely a theoretical document; it is a practical, working plan that must be effectively implemented and regularly reviewed by the Master, the Ship Security Officer (SSO), and the entire crew. For a bulk carrier, with its unique operational profile and vulnerabilities, a well-developed and diligently implemented SSP is critical to maintaining a secure environment both at sea and in port.
1. Definition and Purpose of the Ship Security Plan (SSP):
Definition: The SSP is a plan developed to ensure the application of measures onboard the ship designed to protect persons on board, cargo, transport units, ship’s stores, or the ship itself from the risks of a security incident.
Primary Purpose:
To provide a structured framework for identifying and responding to security threats.
To establish clear roles, responsibilities, and procedures for security matters onboard.
To ensure that appropriate security measures are implemented and maintained at different security levels.
To facilitate communication and cooperation between the ship, the Company Security Officer (CSO), Port Facility Security Officers (PFSOs), and relevant authorities.
To provide a basis for training, drills, and exercises related to ship security.
To ensure compliance with the requirements of the ISPS Code and SOLAS Chapter XI-2.
2. Regulatory Requirement and Approval:
ISPS Code Part A, Section 9: Mandates that each ship shall carry on board a Ship Security Plan approved by the Administration (Flag State or a Recognized Security Organization – RSO – acting on its behalf).
Ship Security Assessment (SSA): The development of the SSP is based on a thorough Ship Security Assessment (SSA) carried out by the Company or an RSO. The SSA identifies potential threats, vulnerabilities, and existing security measures, forming the basis for the security measures detailed in the SSP.
Approval Process: The SSP is submitted to the Administration or RSO for review and approval. Once approved, it becomes the authoritative document for ship security onboard that specific vessel.
International Ship Security Certificate (ISSC): The issuance of an ISSC is contingent upon the vessel having an approved SSP and demonstrating its effective implementation.
3. Confidentiality of the SSP:
ISPS Code Part A, Section 9.7: States that the SSP shall be protected from unauthorized access or disclosure.
Reasoning: The SSP contains sensitive information about the ship’s security measures, procedures, and vulnerabilities. If this information falls into the wrong hands, it could be exploited by those intending to commit unlawful acts.
Practical Measures:
The SSP should be kept in a secure location onboard (e.g., Master’s safe, SSO’s locked cabinet).
Access should be restricted to authorized personnel (Master, SSO, CSO, and others with a legitimate need-to-know as defined in the plan).
Copies should be controlled.
When providing information from the SSP to external parties (e.g., PFSOs for pre-arrival information), only relevant sections should be disclosed, and confidentiality should be maintained.
4. Key Contents of a Ship Security Plan (as per ISPS Code Part A, Section 9.4):
The ISPS Code outlines the minimum elements that an SSP must address. For a bulk carrier, these translate into practical measures considering its specific operations:
A. Measures to Prevent Weapons, Dangerous Substances, and Devices Intended for Use Against Persons, Ships, or Ports from Being Taken Onboard:
Procedures for searching persons, baggage, ship’s stores, and cargo (though comprehensive searching of bulk cargo is often impractical, visual inspection during loading and awareness of cargo integrity are important).
Access control measures for stores and provisions delivery.
Guidelines for identifying suspicious items.
B. Identification of Restricted Areas and Measures for Their Prevention of Unauthorized Access:
Designated Restricted Areas: Common restricted areas on a bulk carrier would include the navigation bridge, engine room, steering gear room, Master’s/SSO’s office (where security documents are kept), accommodation areas (to varying degrees), and potentially specific critical machinery spaces or control rooms.
Control Measures: Locking doors/hatches, signage, surveillance (CCTV if fitted), patrols by watchkeepers, access lists for certain areas.
C. Measures for Preventing Unauthorized Access to the Ship:
Access Control Points: Typically the main gangway or accommodation ladder. Procedures for controlling access, including:
Identification checks for all persons boarding (crew, stevedores, visitors, officials).
Use of visitor logs and badges.
Escorting visitors within the ship.
Searching baggage or personal effects if deemed necessary based on the security level or specific threat intelligence.
Securing Unused Access Points: Ensuring all other potential access points (e.g., pilot ladders not in use, mooring ropes, other deck hatches/doors) are secured and monitored.
Deck Patrols: Especially at night or in high-risk ports.
Waterside Security: Monitoring the waterside of the vessel for suspicious craft, especially when at anchor or alongside a remote berth. Using ship’s lighting effectively.
D. Procedures for Responding to Security Threats or Breaches of Security (including provisions for maintaining critical operations of the ship/port interface):
Action plans for various scenarios, such as:
Unauthorized boarding / intruders detected.
Bomb threat / discovery of suspicious device.
Piracy or armed robbery attack.
Hijacking.
Stowaway discovery.
Sabotage.
Procedures for raising the alarm, mustering crew, communication (internal and external), and implementing defensive measures as appropriate and safe.
Maintaining essential ship operations (e.g., safe navigation, critical machinery) during a security incident.
E. Procedures for Responding to Security Instructions from Contracting Governments at the Three Security Levels:
The SSP must detail the specific additional protective measures to be implemented when the ship is instructed to operate at:
Security Level 1 (Normal): Standard baseline security measures.
Security Level 2 (Heightened): Additional protective measures for a heightened risk of a security incident (e.g., increased frequency of patrols, more thorough searches, restricted access to more areas).
Security Level 3 (Exceptional): Further specific protective measures for a limited period when a security incident is probable or imminent (e.g., severely restricted access, suspension of certain operations, preparation for evacuation, continuous monitoring).
These measures must be clearly defined and practicable.
F. Procedures for Evacuation in Case of Security Threats or Breaches of Security:
While distinct from safety evacuation (e.g., for fire/flooding), this addresses evacuation due to a security incident. May involve different muster points or procedures depending on the threat.
G. Duties of Shipboard Personnel Assigned Security Responsibilities and of Other Shipboard Personnel on Security Aspects:
Ship Security Officer (SSO): Clearly defined duties (see below).
Master: Overall responsibility for ship security.
All Crew Members: Responsibilities for maintaining vigilance, reporting suspicious activities/persons/objects, understanding and complying with security procedures, and participating in drills/exercises.
H. Procedures for Auditing Security Activities:
How the effectiveness of the SSP and its implementation will be checked (e.g., through internal audits by the CSO or designated personnel, and external audits by the Administration/RSO).
I. Procedures for Training, Drills, and Exercises Associated with the Plan:
Requirements for security-related training for all crew.
Schedule and procedures for conducting security drills (e.g., unauthorized access, bomb threat, piracy attack) and exercises (which may involve the Company or port facilities). Drills should be conducted at least every three months (or more frequently if crew changes often).
J. Procedures for Interfacing with Port Facility Security Activities:
Declaration of Security (DoS): Procedures for completing a DoS with a Port Facility Security Officer (PFSO) when required (e.g., when the ship is at a higher security level than the port, or when there is a ship/port interface with a non-ISPS compliant ship, or for specific high-risk operations). The DoS outlines agreed security measures and responsibilities.
Communication protocols with PFSO.
Coordination of security measures.
K. Procedures for the Periodic Review of the Plan and for Updating:
The SSP is not a static document. It must be reviewed regularly (e.g., annually, or after any security incident, or when new threats emerge, or if the ship’s trade changes significantly) and updated as necessary, with amendments approved by the Administration/RSO.
L. Procedures for Reporting Security Incidents:
To whom (CSO, port authorities, Flag State) and how security incidents, breaches, or threats should be reported.
M. Identification of the Ship Security Officer (SSO):
Name and rank of the officer designated as SSO.
N. Identification of the Company Security Officer (CSO):
Name and 24-hour contact details of the CSO.
O. Procedures to Ensure the Inspection, Testing, Calibration, and Maintenance of any Security Equipment Provided Onboard:
E.g., CCTV, access control systems, intruder alarms, SSAS.
P. Frequency for Testing or Calibration of any Security Equipment.
Q. Location(s) Where the Ship Security Alert System (SSAS) Activation Points are Provided:
At least two activation points, one on the navigation bridge and one in another location (e.g., Master’s cabin, engine control room). These locations should be known to relevant crew but kept discreet.
R. Procedures, Instructions, and Guidance on the Use of the Ship Security Alert System (SSAS):
Including testing procedures and protocols for avoiding false alerts. The SSAS transmits a covert ship-to-shore security alert to a competent authority designated by the Administration.
5. Implementation Onboard – The Master’s and SSO’s Role:
The Master has overall responsibility for the security of the ship and for ensuring the SSP is implemented effectively. The Ship Security Officer (SSO), designated by the Company and responsible to the Master, manages the day-to-day implementation.
A. Ship Security Officer (SSO) Duties (as per ISPS Code Part A, Section 12.2):
Undertaking regular security inspections of the ship to ensure appropriate security measures are maintained.
Maintaining and supervising the implementation of the SSP, including any amendments.
Coordinating the security aspects of the handling of cargo and ship’s stores with other shipboard personnel and with the relevant PFSOs.
Proposing modifications to the SSP to the Company.
Reporting to the CSO any deficiencies and non-conformities identified during internal audits, periodic reviews, security inspections, and verifications of compliance and implementing any corrective actions.
Enhancing security awareness and vigilance on board.
Ensuring that adequate training has been provided to shipboard personnel.
Reporting all security incidents.
Coordinating implementation of the SSP with the CSO and the relevant PFSO.
Ensuring that security equipment is properly operated, tested, calibrated, and maintained.
B. Practical Implementation Steps:
Familiarization and Training: All crew members must receive security familiarization and security awareness training appropriate to their duties. Those with specific security duties require more detailed training.
Implementing Access Controls: Manning the gangway, checking IDs, maintaining visitor logs, securing unused access points.
Conducting Security Patrols and Inspections: Regular patrols of deck areas, restricted areas, and vulnerable points, especially at higher security levels.
Operating and Testing Security Equipment: Ensuring CCTV, alarms, lighting, and SSAS are functional. Regular SSAS tests as per company/flag procedures (often quarterly or semi-annually, with notification to authorities to avoid false alarms).
Conducting Drills and Exercises: As per SSP schedule, covering various scenarios. Debrief after drills to identify lessons learned.
Maintaining Security Records: Keeping records of security training, drills, exercises, incidents, breaches, threats, changes in security levels, communications related to security, internal audits, and SSP reviews. These records are vital for audits and demonstrating compliance.
Liaison: Maintaining effective communication with the CSO and PFSOs. Completing DoS when required.
Vigilance: Fostering a culture of security awareness where all crew members are alert to suspicious activities, persons, or objects and know how to report them.
6. Challenges in SSP Implementation on Bulk Carriers:
Large, Open Deck Areas: Difficult to monitor all areas effectively, especially at night or with limited crew.
Multiple Access Points: Beyond the gangway, mooring ropes, pilot ladders, and even low freeboards can be exploited.
Long Port Stays with High Shore Personnel Traffic: Stevedores, surveyors, agents, vendors, etc., create a constant flow of people, making strict access control challenging but essential.
Crew Fatigue: Security duties, especially at higher security levels, can add to crew workload and fatigue if not managed properly with adequate manning for security tasks.
Complacency: If a vessel trades in perceived low-risk areas or has no incidents for a long time, security vigilance can wane. Regular drills and reminders are needed.
Balancing Security with Operational Needs: Security measures should not unduly impede essential ship operations, but safety and security must not be compromised for commercial expediency. Finding the right balance requires judgment.
Stowaway Searches: Thoroughly searching a large bulk carrier for stowaways is extremely difficult and time-consuming, yet essential in high-risk embarkation ports.
7. The SSP as a Living Document:
Like the SMS, the SSP must not be a static manual. It needs to be:
Understood and Used: Crew must be familiar with its relevant parts.
Reviewed Regularly: By the SSO, Master, and CSO.
Updated: To reflect changes in the ship’s trade, new threat assessments, lessons learned from incidents or drills, or amendments to the ISPS Code. Amendments require Administration/RSO approval.
Practical: Procedures should be workable for the specific vessel and its crew.
Analysis for the Master (SSP Implementation): The Master is the ultimate authority for security onboard and is responsible for ensuring the approved SSP is implemented effectively and consistently.
Leadership in Security: Visibly lead and support all security measures.
Empower the SSO: Provide the SSO with the necessary authority and resources to carry out their duties effectively.
Ensure Crew Training and Vigilance: Continuously promote security awareness and ensure all crew are trained and drilled.
Decision Making for Security Levels: Implement the appropriate security measures when the security level changes, based on instructions from the CSO or Contracting Government.
Reporting and Communication: Ensure all security incidents and breaches are reported promptly and accurately. Maintain effective communication with CSO and PFSO.
Balancing Security and Operations: Make informed decisions to maintain security without unduly hindering the ship’s essential operations, always erring on the side of security if there is a conflict.
The Ship Security Plan is the vessel’s blueprint for defense against unlawful acts. Its effective implementation, driven by a vigilant Master, a dedicated SSO, and a security-aware crew, is essential for protecting the valuable assets of the ship and its cargo, and most importantly, the lives of those onboard, in an often unpredictable maritime world.